08/17/2020

Malicious Cyber Actor Targets SBA COVID-19 Loan Relief

Applicants must fear phishing scams

On August 12, 2020, the Cybersecurity and Infrastructure Security Agency (CISA) posted a public alert that an unknown malicious cyber actor is actively attempting to direct individuals to a fraudulent Small Business Administration (SBA) COVID-19 Loan Relief webpage. Any visitors to the webpage are then targeted for their login credentials or for further malicious re‑direction. Phishing emails appear to be the malicious cyber actor's primary method of engagement with victims.

What Is Phishing?
Phishing is among the most successful and enduring forms of malicious cyber activity. Whereas hacking can be seen as breaking or picking the cybersecurity lock, phishing is equivalent to convincing the victim to unknowingly hand over the key. Ultimately, phishing is most often a method by which malicious actors attempt to gain sensitive information, such as an individual's workplace login credentials, personal email credentials, or sensitive financial information.

Email phishing attacks will generally impersonate a legitimate person or institution, and sophisticated phishing attacks are adept at mirroring the formatting and language of the entity they are attempting to impersonate. These attacks will often include hyperlinks to compromised webpages or malicious file attachments.

Please select this link to read the complete article from Venable, LLP.